<%@ page import="java.sql.*" %>
<%@ page import="java.io.*" %>
<%@ include file="loginDetails.jsp" %>


<%!
String validateLogin(JspWriter out,HttpServletRequest request,
					HttpSession session)
{
	Integer x;
	Connection conn = null;
	String username = request.getParameter("username");
	String password = request.getParameter("password");
	String retStr = null;
	if(username == null || password == null)
		return null;
	if((username.length() == 0) || (password.length() == 0))
		return null;
	try{
	conn = DriverManager.getConnection 
            (url,user_id,pass );
	}
	catch ( Exception e) { 
        System .out.println (" Error " + e );
    }
	
	try
	{
		String storedProc = "select user_name,password,level_of_access from users where user_name='" + username + "' and password='" + password + "';";
        CallableStatement callableStatement = conn.prepareCall(storedProc);
        callableStatement.clearParameters(); 
        ResultSet results = callableStatement.executeQuery();
        results.next();
        int access = results.getInt("level_of_access");
        callableStatement.close ();
        x = access;
	}
	catch(Exception E)
	{
		x = -1;
	}
	
	if(x == 0){ 	
		
		session.setAttribute("authenticatedUser",username);
		session.setAttribute("access", x);
		return "danisgay";
	}
	else
		session.setAttribute("loginMessage","Failed login.");
	return null;
} 
%>


<%
String authenticatedUser = null;
session = request.getSession(true);// May create new session
//try{
	authenticatedUser = validateLogin(out,request,session);
//}
//catch(IOException e){ System.err.println(e); }

if(authenticatedUser != null)
	response.sendRedirect("search_by_name.jsp"); // Success
else
	response.sendRedirect("login.jsp"); // Failed login
// Redirect back to login page with a message
%>
